Linux Lite Forums

General => Security & Bug Fixes => Topic started by: kissbaby3 on May 23, 2020, 03:02:52 PM

Title: a topic i thought i share, yep, the computer virus talk
Post by: kissbaby3 on May 23, 2020, 03:02:52 PM
hopefully i have this in the right spot,

i am on mewe (facebook alternative)  right now,  read this post in one of the forums i'm in , a computer type group, and thinking this link might be of some interest,
it does not say much, but makes me wonder, currently i have not used any antivirus protection.

what are your thoughts ?, anyone ?.
 i know this subject comes up from time to time.

https://www.express.co.uk/life-style/science-technology/1275557/Windows-10-MacOS-Warning-Anti-Virus-Application-Hacks-Flaw

Title: Re: a topic i thought i share, yep, the computer virus talk
Post by: trinidad on May 24, 2020, 10:01:51 AM
Anytime a network user of any kind can obtain a root shell anything is possible. This particular discussion is meaningless if you are NOT using an anti-virus product that works from root on your system. Some systems, especially with Linux, systems like up to date RHEL or Debian, are less vulnerable to any meaningful exploit from this AV usage configuration than others. Other technically "Linux" systems like Mac or Android are particularly more vulnerable. Don't use anti-virus that can access a root shell in an automated fashion with Linux, which is most of them for an ordinary user that does not use a virtual layer. Also many AV products don't responsibly thoroughly report internal CVEs. They just slide by and let the others report first. Below are examples of more thorough reporting. You are a Linux Lite user not a server farm. In your case using any AV can arguably expose your system to more vulnerability than not using one at all.

https://www.cvedetails.com/vulnerability-list/vendor_id-8861/Eset.html
https://www.cvedetails.com/vulnerability-list/vendor_id-9957/Kaspersky.html

TC
Title: Re: a topic i thought i share, yep, the computer virus talk
Post by: kissbaby3 on May 26, 2020, 04:37:05 PM
Anytime a network user of any kind can obtain a root shell anything is possible. This particular discussion is meaningless if you are NOT using an anti-virus product that works from root on your system. Some systems, especially with Linux, systems like up to date RHEL or Debian, are less vulnerable to any meaningful exploit from this AV usage configuration than others. Other technically "Linux" systems like Mac or Android are particularly more vulnerable. Don't use anti-virus that can access a root shell in an automated fashion with Linux, which is most of them for an ordinary user that does not use a virtual layer. Also many AV products don't responsibly thoroughly report internal CVEs. They just slide by and let the others report first. Below are examples of more thorough reporting. You are a Linux Lite user not a server farm. In your case using any AV can arguably expose your system to more vulnerability than not using one at all.

https://www.cvedetails.com/vulnerability-list/vendor_id-8861/Eset.html
https://www.cvedetails.com/vulnerability-list/vendor_id-9957/Kaspersky.html

TC

thank you , that was interesting .